CVE-2022-23460

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-23460
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23460.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-23460
Published
2022-08-19T20:15:08Z
Modified
2024-09-03T03:39:30.441817Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Jsonxx or Json++ is a JSON parser, writer and reader written in C++. In affected versions of jsonxx json parsing may lead to stack exhaustion in an address sanitized (ASAN) build. This issue may lead to Denial of Service if the program using the jsonxx library crashes. This issue exists on the current commit of the jsonxx project and the project itself has been archived. Updates are not expected. Users are advised to find a replacement.

References

Affected packages

Git / github.com/hjiang/jsonxx

Affected ranges

Type
GIT
Repo
https://github.com/hjiang/jsonxx
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Type
GIT
Repo
https://github.com/nlohmann/json
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v1.*

v1.0.0
v1.0.0-rc1
v1.0.1